AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

infonews

securitysafety

Source: The Hacker NewsFebruary 8, 2026

Summary

OpenClaw has partnered with VirusTotal (a malware analysis service owned by Google) to scan skills uploaded to ClawHub, its marketplace for AI agent extensions. The system creates a unique SHA-256 hash (a digital fingerprint) for each skill and checks it against VirusTotal's database, automatically approving benign skills, flagging suspicious ones, and blocking malicious ones, with daily rescans of active skills. However, OpenClaw acknowledged that this scanning is not foolproof and some malicious skills using concealed prompt injection (tricking the AI by hiding malicious instructions in user input) may still get through.

Solution / Mitigation

OpenClaw announced it will publish a comprehensive threat model, public security roadmap, formal security reporting process, and details about a security audit of its entire codebase. Additionally, the platform added a reporting option that allows signed-in users to flag suspicious skills.

Classification

Attack Type

Prompt InjectionSupply ChainData Extraction

Attack SophisticationModerate

Affected Vendors

Google

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Similar attackTechCrunch

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

Similar attackNVD/CVE Database

Original source: https://thehackernews.com/2026/02/openclaw-integrates-virustotal-scanning.html

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 92%